It's reported today that several WordPress sites have been attacked yet one more time. Wordpress' scripts simply
appear to be vulnerable to all kinds of attacks and this one isn't different from the others it would seem.

The Internet Storm Center (ISC) has spotted so-called 'admedia hacker attacks' breaking out of their original
WordPress vectors. And there's been more than one report so far.

According to a blog post late last week, the ISC says that “the group behind the WordPress 'admedia' campaign is now
attacking Joomla-hosted sites.”

The other evolution in the campaign is that since it was first noticed at the beginning of this month mostly dropping
the Nuclear exploit kit on target sites, it's now added Angler, making matters a lot worse.

ISC's Duncan, who is also a security researcher at Rackspace, also notes that the attackers have started using
“megaadvertize” in their gateway URLs (instead of “admedia” as was used when the attack was first spotted).

But the technique stays the same-- the target site is compromised to generate hidden iFrames in visitors' browsers,
and the malicious URLs act as a “gateway between the compromised Website and the exploit kit hosted on the WordPress
server”.

As has happened several times in the past, a script injection was the initial attack, with the JavaScript files
from the compromised site carrying appended malicious scripts.